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CLAIMS 

Please amend the pending claims as follows, 

1. (Currently Amended) A method operational in a mobile user device for authentication in 
a public cryptographic system comprising: 

creating a first private key and corresponding first public key at the mobile user device; 

creating a second private key associated with the first private key and creating a second 
public key corresponding to the second private key at the mobile user device; 

out putting the second private key from the mobile user device while retaining the first 
private key in the mobile user device, wherein outputting the second private key comprises 
wirelessly transmitting a plurality of shares of the second private key to a plurality of different 
entities once, such that the second private key can be re-created by the mobile user device to 
replace use of the first private key and disable the first private key when the second private key is 
re-created and used for authentication; 

wirelessly transmitting the second public key to a verifier device concurrent with the first 
public key; and 

using the first private key for authentication of the mobile user device. 

2. (Currently Amended) The method of claim 1, wherein wirelessly transmitting the 
plurality of shares of the s econd publie -private key comprises: 

creating at least two shares of the second private key at the mobile user device; and 
wirelessly outputting each share once to a different entity. 

3. (Previously Presented) The method of claim 1, further comprising: 

re-creating the second private key at the mobile user device using the plurality of shares; 

and 

using the second private key for authentication of the mobile user device. 

4. (Cancelled) 
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5. (Previously Presented) The method of claim 3, further comprising: 

creating a third private key associated with the second private key and creating a third 
public key corresponding to the third private key; and 

outputting the third public key from the mobile user device. 

6. (Previously Presented) The method of claim 5, further comprising: 
outputting the third private key once such that it can be re-created; and 

re-creating the third private key at the mobile user device and using the third private key 
for authentication. 

7. (Previously Presented) The method of claim 1, wherein the second public and private 
keys are created independently from the first public and private keys. 

8. (Original) The method of claim 3, further comprising: 

creating a third private key associated with the second key and creating a third public key 
corresponding to the third private key; 

creating a fourth private key associated with the third private key and creating a fourth 
public key corresponding to the fourth private key; 

outputting the fourth private key once such that it can be re-created; and 

outputting the third and fourth public keys. 

9. (Previously Presented) The method of claim 8, further comprising: 
disabling use of the second private key for authentication; and 
using the third private key for authentication; 

re-creating the fourth private key; and 
using the fourth private for authentication. 

10. (Currently Amended) The method of claim 1, further comprising: 
preventing retransmission of the second private key. 
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11. (Previously Presented) A method for verification in a public cryptographic system 
comprising: 

wirelessly receiving a first public key from a mobile user device; 

wirelessly receiving a second public key from the mobile user device concurrent with 
receipt of the first public key, the second public key associated with the first public key, wherein 
the second public key has a corresponding second private key that is split into a plurality of 
shares that are sent to a plurality of different entities, where each share is sent only once and to a 
different entity, such that the second private key can be re-created by the mobile user device to 
replace use of a first private key corresponding to the first public key and disable the first private 
key when the second private key is re-created and used for authentication; 

using the first public key for authentication of the mobile user device; and 

using the second public key for authentication of the mobile user device if the first public 
key fails. 

1 2. (Previously Presented) The method of claim 1 1 , further comprising: 

receiving a third public key from the mobile user device, the third public key associated 
with the second public key, if the first public key fails and if the second public key results in a 
successful authentication. 

1 3 . (Previously Presented) The method of claim 1 1 , further comprising: 

receiving a third public key and a fourth public key from the mobile user device, if the 
first public key fails and if the second public key results in a successful authentication, wherein 
the third and the fourth public keys are associated with the second key. 
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14. (Currently Amended) A mobile user device configured for authentication in a public 
cryptographic system comprising: 

means for creating a first private key and corresponding first public key at the mobile user 

device; 

means for creating a second private key associated with the first private key and creating 
a second public key corresponding to the second private key at the mobile user device; 

means for outputting the second private key from the mobile user device while retaining 
the first private key in the mobile user device, wherein outputting the second private key 
comprises wirelessly outputting a plurality of shares of the second private key to a plurality of 
different entities once such that the second private key can be re-created by the mobile user 
device to replace use of the first private key and disable the first private key when the second 
private key is re-created and used for authentication- 
means for wirelessly outputting the second public key to a verifier device concurrent with 
outputting the first public key; and 

means for using the first private key for authentication. 

15. (Previously Presented) The device of claim 14, wherein means for wirelessly outputting. 
the second public key comprises: 

means for creating at least two shares of the second private key at the mobile user device; 

and 

means for wirelessly outputting each share once to a different entity, wherein subsequent 
outputting of the second private key is prevented. 

16. (Previously Presented) The device of claim 14, further comprising: 

means for re-creating the second private key at the mobile user device using the plurality 
of shares; and 

means for using the second private key for authentication of the mobile user device. 
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17. (Previously Presented) The device of claim 1 6, farther comprising: 

means for creating a third private key associated with the second private key and creating 
a third public key corresponding to the third private key; and 

means for vvirelessly outputting the third public key to the verifier device. 

1 8. (Previously Presented) The device of claim 16, further comprising: 

means for creating a third private key associated with the second key and creating a third 
public key corresponding to the third private key; 

means for creating a fourth private key associated with the third private key and creating a 
fourth public key corresponding to the fourth private key; 

means for wirelessly outputting the fourth private key once such that it can be re-created; 

and 

means for wirelessly outputting the third and fourth public keys to the verifier device. 

19. (Previously Presented) A verifier apparatus configured for verification in a public 
cryptographic system comprising: 

means for wirelessly receiving a first public key from a mobile user device; 

means for wirelessly receiving a second public key from the mobile user device 
concurrent with receipt of the first public key, the second public key associated with the first 
public key, wherein the second public key has a corresponding second private key that is split 
into a plurality of shares that are sent to a plurality of different entities, where each share is sent 
only once and to a different entity, such that the second private key can be re-created by the 
mobile user device to replace use of a first private key corresponding to the first public key and 
disable the first private key when the second private key is re-created and used for authentication; 

means for using the first public key for authentication of the mobile user device; and 

means for using the second public key for authentication of the mobile user device if the 
first public key fails. 
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20. (Previously Presented) The apparatus of claim 1 9, further comprising: 

means for receiving a third public key associated with the second public key from the 
mobile user device, if the first public key fails and if the second public key results in a successful 
authentication of the mobile user device. 

2 1 . (Previously Presented) The apparatus of claim 1 9, further comprising: 

means for receiving a third public key and a fourth public key, if the first public key fails 
and if the second public key results in a successful authentication, wherein the third and fourth 
public keys are associated with the second public key. 

22. (Currently Amended) A machine-readable medium comprising instructions for 
performing a public cryptography, which when executed by a processor causes the processor to: 

create a first private key and corresponding first public key at a mobile user device; 

create a second private key associated with the first private key and creating a second 
public key corresponding to the second private key at a mobile user device; 

keep the first private key within the mobile user device and wirelessly output the second 
private key as a plurality of shares of the second private key to a plurality of different entities 
once such that the second private key can be re-created by the mobile user device to replace use 
of the first private key and disable the first private key when the second private key is re-created 
and used for authentication; 

wirelessly output the second public key to a verifier device concurrent with outputting the 
first public key; and 

use the first private key for authentication of the mobile user device. 

23. (Previously Presented) The machine-readable medium of claim 22, wherein outputting 
the second private key further comprises instructions to: 

create at least two shares of the second private key; and 
output each share once to a different entity. 
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24. (Previously Presented) The machine-readable medium of claim 22 further comprising 
instructions to: 

recreate the second private key; and 

use the second private key for authentication. 

25. (Cancelled) 

26. (Previously Presented) A machine-readable medium comprising instructions for 
performing a public cryptography at a verifier device, which when executed by a processor 
causes the processor to: 

wirelessly receive a first public key from a mobile user device; 

wirelessly receive a second public key from the mobile user device concurrent with 
receipt of the first public key, the second public key associated with the first public key, wherein 
the second public key has a corresponding second private key that is split into a plurality of 
shares that are sent to a plurality of different entities, where each share is sent only once and to a 
different entity, such that the second private key can be re-created by the mobile user device to 
replace use of a first private key corresponding to the first public key and disable the first private 
key when the second private key is re-created and used for authentication; 

use the first public key for authentication of the mobile user device; and 
use the second public key for authentication of the mobile user device if the first public 
key fails. 

27. (Previously Presented) The machine-readable medium of claim 26 further comprising 
instructions to: 

wirelessly receive a third public key associated with the second public key, if the first 
public key fails and if the second public key results in a successful authentication. 
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28. (Previously Presented) The machine-readable medium of claim 26 further comprising 
instructions to: 

wirelessly receive a third public key and a fourth public key associated with the second 
public key, if the first public key fails and if the second public key results in a successful 
authentication. 

29-49 (Cancelled) 

50. (Currently Amended) A mobile user device used for authentication comprising: 

a processor configured to generate a first private key and corresponding first public key, 
the processor configured to generate a second private key associated with the first private key and 
to create a second public key corresponding to the second private key; 

a storage medium coupled to the processor, configured to store the first private key; and 
a wireless transmitter coupled to the processor to output the second private key as a 
plurality of shares of the second private key to a plurality of different entities once such that the 
second private key can be re-created by the mobile user device to replace use of the first private 
key and disable the first private key when the second private key is re-created and used for 
authentication, and output the second public key to the a verifier device concurrent with 
wirelessly outputting the first public key; 

wherein the processor uses the first private key for authentication of the mobile user 

device. 
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5 1 . (Previously Presented) Apparatus used for verification comprising: 

a receiver configured to wirelessly receive a first public key from a mobile user device 
and to receive a second public key from the mobile user device concurrent with receipt of the 
first public key, the second public key associated with the first public key, wherein the second 
public key has a corresponding second private key that is split into a plurality of shares that are 
sent to a plurality of different entities, where each share is sent only once and to a different entity, 
such that the second private key can be re-created by the mobile user device to replace use of a 
first private key corresponding to the first public key and disable the first private key when the 
second private key is re-created and used for authentication; 

a storage medium coupled to the receiver, configured to store the first and second public 
keys; and 

a processor coupled to the receiver, the processor configured to use the first public key for 
authentication of the mobile user device, the processor configured to use the second public key 
for authentication of the mobile user device if the first public key fails. 

52. (Withdrawn) The method of claim 1 , wherein the second private key is a function of the 
first private key and a system parameter. 

53. (New) The method of claim 1, wherein the second private key is removed from the 
mobile user device upon wireless transmission of the plurality of shares of the second private 
key. 

54. (New) The device of claim 14, wherein the means for wirelessly outputting the plurality 
of shares of the second private key comprise means for removing the second private key from the 
mobile user device. 

55. (New) The machine-readable medium of claim 22, wherein the processor is further 
caused to remove the second private key from the mobile device upon wirelessly outputting the 
plurality of shares of the second private key to the plurality of different entities. 
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56. (New) The mobile user device of claim 50, wherein the processor is configured to remove 
the second private key upon the output of the plurality of shares of the second private key to the 
plurality of different entities. 
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